Associate – Strategy & Cybersecurity Consulting

Interested in advising leading companies on how to stay ahead in the fast-paced digital era?

Metis Strategy, a management and strategy consulting firm, focused on the intersection of business and technology, continues to grow and is looking for highly motivated individuals to join our San Francisco Bay Area team. We are trusted advisors to Fortune 500 and Global 1000 companies, helping them meet their most critical business objectives through tailored engagements and deep professional relationships. We work across industries on topics related to business & digital strategy and navigating organizational change.

We are an entrepreneurial, fast-growing firm headquartered in the Washington, D.C. area with offices in the San Francisco Bay Area and Dallas, Texas. The firm’s presence from coast to coast allows us to serve clients throughout the United States and internationally. In our 20+ year history, we have established a track record of making lasting impacts on organizational performance and helping executives improve business outcomes. In a career with Metis Strategy you will experience high growth as you encounter new challenges with each client engagement; have a high degree of autonomy to craft the direction of your work; and become empowered to work directly with thought-leaders, C-level clients, and other decision-makers.

Responsibilities Of An Associate

The Consulting Associate in Metis Strategy’s Cybersecurity Practice plays a key role in supporting client engagements focused on designing and delivering secure, resilient, and compliant technology strategies for large enterprises. As an Associate, you will leverage proprietary methodologies and industry best practices to help clients assess cybersecurity maturity, identify and prioritize risks, build governance and operating models, and accelerate adoption of secure technology solutions.

You will be responsible for collaborating with project teams to assess client cybersecurity maturity across people, processes, technology, data, and culture, utilizing Metis Strategy’s diagnostic frameworks. You will support the identification, evaluation, and prioritization of key cybersecurity risks and mitigation opportunities, leveraging standardized assessment methods and business case templates. This involves gathering and synthesizing stakeholder perspectives through interviews, workshops, and surveys, with the aim of translating insights into actionable recommendations and strategic enterprise risk maps.

The successful candidate will contribute to the development of cybersecurity operating models, governance structures, and change management plans to enable robust and scalable security practices throughout business functions. You will assist with the design, assessment, and implementation of cybersecurity platforms and architectures, which may include identity and access management systems, data protection mechanisms, endpoint protection tools, cloud security controls, and zero-trust models.

You will be required to prepare high-quality deliverables such as strategy documents, roadmaps, business cases, and executive presentations, tailored for senior IT, risk, and compliance leaders. You will conduct market research, benchmarking, and competitive analysis to inform recommendations and accelerate client adoption of cybersecurity best practices. In addition, you will be expected to build both internal and client capabilities by supporting fluency programs, developing reusable playbooks, and implementing sustainable processes to drive ongoing improvements in security posture.

Your responsibilities will also include supporting the documentation and review of cybersecurity governance policies, standards, and operating models to ensure consistent and secure management of technology assets. You will assist with identifying security risks and documenting compliance requirements related to cybersecurity and privacy, ensuring alignment with regulatory standards such as GDPR, CCPA, HIPAA, PCI DSS, NIST, and SOC2. You will partner with technology teams and client stakeholders to evaluate cybersecurity platforms, architecture patterns, and resilience strategies, ultimately enabling the delivery of trusted and compliant security solutions.

Qualifications And Expectations

• Bachelor’s or Master’s degree in a quantitative, technical, or business field (e.g., Computer Science, Cybersecurity, Engineering, Business, Information Systems).
• Demonstrated experience or education in cybersecurity principles, enterprise security architecture, risk management, and/or technology transformation.
• Familiarity with leading cybersecurity platforms and architectures, data protection strategies and IAM technology
• Ability to support risk discovery, gap analysis, and remediation planning for cybersecurity, contributing to recommendations and secure technology adoption.
• Awareness of cybersecurity governance frameworks, risk assessment methodologies, and policy development (e.g., NIST, CIS, ISO/IEC 27001).
• Understanding of security, privacy, and compliance requirements associated with enterprise technology environments and critical systems, including relevant regulations and standards.
• Strong problem-solving and analytical skills; comfort with quantitative analysis, business case development, and technical security concepts.
• Excellent written and verbal communication skills, including ability to distill complex topics into clear recommendations for senior audiences.
• Collaborative, adaptable mindset with an ability to thrive in fast-paced consulting projects and cross-functional teams.
• Experience supporting client engagements via research, stakeholder interviews, and deliverable development is a plus.

What Metis Strategy Has To Offer

Successful candidates will be motivated by the desire to make a difference by helping our clients achieve and maintain strategic and operational excellence while continuously improving their own skill set and embracing emerging intellectual challenges.

The standard base pay range for this role is $100,000 - $150,000, annually. This position is also eligible for bonus compensation. Additional benefits include comprehensive medical insurance, dental insurance, vision insurance, parental leave, family benefits, retirement contributions, paid time off, and more. Compensation and benefits are competitive and will be commensurate with each candidate’s qualifications and relevant work experience. Eligibility to work in the U.S. without sponsorship is preferred.

In addition to individual compensation and individual professional growth, we offer the unique opportunity to help grow the intellectual, functional, economic, and geographic footprint of our thriving technology and business advisory firm. We not only support but expect all members of the team to identify new growth opportunities and pursue novel approaches to realize them in a way that benefits Metis Strategy and its client and partner ecosystem.

If you are driven by the desire to help some of the world’s most renowned companies solve complex business problems and excited by the intersection of business strategy and technological innovation, you will enjoy being part of our team.